<?
include "config.php";

if(TRANSFER_KEY != $_GET['transferKEY']){echo "Your access is forbidden. Thank you."; exit;}

$filecode = $_GET['filecode'];
$username = $_GET['username'];
$password = $_GET['password'];


//echo "da";
$sql = mysql_query("select id from filebin_users where user_name='".$loc->db_cmp($username)."' and pass_word='".$loc->db_in($password)."'");
$resEx = mysql_fetch_array($sql);
//echo mysql_error();
if(!$resEx['id']){echo "Your access is forbidden. Thank you."; exit;}
//echo "da1";
$sqlF = mysql_query("select id,uid,filecode from filebin_files where uid='".$loc->db_cmp($resEx['id'])."' and filecode='".$loc->db_cmp($filecode)."'");
$resFEx = mysql_fetch_array($sqlF);
if(!$resFEx['uid']){echo "Your access is forbidden. Thank you."; exit;}
//echo "da2";


mysql_query("delete from filebin_files where id='".$resFEx['id']."'");
//echo mysql_error();
$dest = UPLOAD_DIR . $loc->db_out($resFEx['filecode']);
@unlink($dest);
//Now remove the thumbnail
$destT = THUMBS_DIR . $loc->db_out($resFEx['filecode']).".jpg";
@unlink($destT);
if(file_exists(THUMBS_DIR . $loc->db_out($resFEx['filecode'])."_poor.jpg")){
	$destTB = THUMBS_DIR . $loc->db_out($resFEx['filecode'])."_poor.jpg";
	@unlink($destTB);
}


//Now remove the large thumbnail
$destTA = TEMP_THUMBS_DIR . $loc->db_out($resFEx['filecode']).".jpg";
@unlink($destTA);

?>